Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

Latest civil service data loss encrypted.

17 December, 2007
The UK Government issues another apology over lost data as DVLA admits driving test applicants data went missing in Iowa.
With ministerial pressure coming to bear on civil servants of all departments to increase security for public data, it was announced that the personal details of 3 million driving test applicants have gone missing but in this case, the data was less useful for identity thieves and, more importantly, there was some level of encryption used.

Although its unclear exactly what level of encryption was used on this data, the fact that it was not simply raw data or password protected provides some confidence that Government department data protection isn't a complete shambles.

This, after all, is what everyone is demanding. Encryption scrambles the data so that it can only be read by those who hold the encryption key and offers a much more secure level of protection than passwords. Password protection sits as a layer on top of the data and once this is broken through, the data is available to anyone. Encryption operates within the data layer and is a coding system that has to be broken rather than a string of 6-8 characters. Having this level of protection offers incomparably higher levels of security and is more likely to deter potential thieves from trying to obtain access. Very often, and in the case of the DVLA data certainly, the effort required to access the data far outweighs the benefits that can be obtained by gaining access.

With this in mind, there is no comparison between the HMRC and the DVLA data losses in terms of severity but it has nonetheless served to increase the pressure on the Government to increase data security and plug the holes through which sensitive data is leaking. The Chancellor has recommended making improvements in data security and it will soon become apparent if these recommendations are implemented in a consistent manner with a systematic approach that takes out the human factor which is by far the biggest detractor to achieving good data integrity.
Bookmark and Share